Procmon

Security checks across malware telemetry and agentic risk

Overview

ProcMon is a straightforward local process-monitoring skill with explicit, user-invoked logging and no evidence of hidden network, credential, destructive, or background behavior.

Install only if you are comfortable with an agent viewing local process and listening-port information. If you use procmon log, remember it leaves local records under ~/.procmon and delete those logs when you no longer want the history retained.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 67% confidence
Finding: Writing process statistics to `~/.procmon/<name>.log` creates persistent local artifacts that may expose process names, timing, and resource-usage history without clearly warning the user. While this is low severity and expected for a logging feature, undisclosed persistence can still leak operationally sensitive information on shared or monitored systems.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal